CISSP passed after 30 days.
So I should preface, I've been in Security for 15 years, manager for
the last 8 or so. Kept putting off my CISSP, due to life and other
stuff. I got my CEH two years ago as my boss wanted all my staff to have
it, so I figured lead by example. He also wanted me to have the CISSP, so I've finally obliged.
My main study was the updated Shon Harris book on Google Play, which I will admit I skimmed. ITProTV (which my work pays for) has a CISSP accelerated course, which I watched right the way through... at 1.5-1.8 speed. Re-watched episodes I wasn't sure of. Then Boson Exams to verify weak areas and restudy; if it wasn't in my notes I'd look in the book or simply write out the explanation from Boson. I also used the CISSP flashcards that were on Quizlet and the free apps rocket prep and CISSP flash card (I don't think the free ones were that valuable).
Got lots of questions on SDLC, asset management and risk assessments, a couple on OSI and TCP/IP in models. I knew security models backwards and didn't get any questions on it.
The below videos were suggested by someone on here, and I think they helped immensely.
A bit from my notes below that was super valuable from the above videos.
Be a risk advisor/manager, don't fix problems, don't look at technical in questions. Physical safety is always the first choice. Pick the option that is cheapest to solve the problem. Plan, do, check, act. Which phase is the question in?
Happy to answer any questions.
Wondering what to do next. I want to start an IT Security masters next year, and they give a subject credit each for the Security+ (which I never got, but doing the practice exams I get 90+%), the CISM, and the CRISC. Thinking I might go CISM next, any suggestions?
"Brain does not meet certification requirements, please install more certifications" Me
Currently Studying: CISM, then CRISC, Security+ (cause) then onto my IT Security masters
Security blog; http://security.morganstorey.com